Industry Regulations and Certifications Viable on Outsourcing

On October 27, 2011, in Outsourcing, by Business Development Group

When outsourcing, specific industry regulations and certifications are required as part of company operation. These regulations and certifications also apply to the service provider when working on outsourced processes. When outsourcing, specific industry regulations and certifications are required as part of company operation. These regulations and certifications also apply to the service provider when working on outsourced processes.

For example, U.S. financial institutions are required to comply to National Association of Securities Dealers, Inc. (NASD) and one of the dimensions is the requirement of obtaining certifications for employing certain practices (such as advising public on investment matters). In the insurance industry, U.S. state governments requires licensing of business (and) people who provide “third party administration” (such as adjucation of a claim).

Related article: Outsourcing Trend: Customer Satisfaction to Customer Loyalty

In addition to these certifications, many outsourcing providers seek additional certifications to demonstrate their capabilities and maturity in managing processes. Aside from the various quality related certifications and designations/disciplines that service providers adopt to show their commitment to improving process quality, there are certifications do not have any legal standing except businesses may require their providers to obtain them as a way to reduce their risk in outsourcing. Hereunder are some of the more commonly known certifications:

Related article: Call Center as a Marketing Channel

 

Capability Maturity Model

Deals with establishing levels of capability and maturity in Information Systems processes.

 

Information Technology Infrastructure Library or Information Systems Infrastructure

Certification for managing the information technology systems and its capabilities.

 

Various ISO standards

Dealing with security (ISO) 17799 or quality (9000.1) also provide for a framework for certification. For example, the ISO standard for computer security has been adopted by the British Standards Board (and classified as BS1779) and offer certification through independent assessors.

Related article: Outsourcing Trend: Customer Satisfaction to Customer Loyalty

 

Meet Outsourcing Casey!Meet outsourcing Casey!

 

Common Laws That Impact Outsourcing

On October 27, 2011, in Outsourcing, by Business Development Group

Common reasons why companies outsource include because they have a position that needs filed infrequently, access to more qualified and experienced applicants, want to offshore simple tasks in order to save money or they are a very small business who does not want to deal with hiring employees.Common reasons why companies outsource include access to more qualified and experienced applicants, have positions that only need to be filled infrequently, want to send simple tasks offshore in order to save money, or they are a very small business who does not want to deal with hiring employees.

The International Association of Outsourcing Professionals, (IAOP), cites several government regulations that directly impact outsourcing decision-making or implementation. These include regulations surrounding controls imposed on public companies – in the U.S. as well as other countries. Additionally, there are regulations that impact certain industries in different countries and they have to be adequately addressed when going through the outsourcing process (from decision-making to implementation and governance). It is necessary to understand the impact of these and other regulations, and provide actions to meet them.

Hereunder are the common laws in the United States that impact companies that engage in outsourcing or offshore outsourcing:

         Read related article:Cost Benefits – Why Lawyers Should Consider Outsourcing

U.S. Federal Regulations

Privacy Act of 1974 (5 U.S.C 552a)

Establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies.

Graham-Leach-Bailey act for financial institution

Financial Services Modernization Act of 1999, (Pub. L. No. 106-102, 113 Stat. 1338, enacted November 12, 1999) is an act of the 106th United States Congress (1999–2001). It repealed part of the Glass–Steagall Act of 1933, removing barriers in the market among banking companies, securities companies and insurance companies. The Glass–Steagall Act prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company.

Federal Trade Commission (FTC)

Act dealing with disposal of information and records and liability associated with disclosure.

O.C.C. Regulations

For banks impacting subcontracting of work including offshoring.

Federal Trade Commission (FTC) Act

Dealing with disposal of information and records and liability associated with disclosure.

Health Insurance Portability and Accountability Act (HIPAA) of 1996

Protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

Telecommunications Act of 1996 – Section 222

Dealing with Customer Proprietary Network Information (CPNI).

U.S. Patriot’s Act of 2001

Deals with approving (and identifying) people with whom business is conducted or employment offered. Mostly commonly used legal requirement is that the company must “certify” that the employees (or contractors) are not on the U. S. Government’s list of undesirable/dangerous people or, the “OFAC” list.

Sarbanes-Oxley

Regulation requiring public companies (of certain size) to certify internal controls; including controls over outsourced processes.

European Regulations

Data Protection Act

More commonly known as the Safe Harbor provision as well as the trans-border data flow that regulates how information in shared and communicated between countries and companies.

Acquired Rights Directive

Requires business to follow certain procedures during outsourcing and also provides for employee rights through the outsourcing action such as pension provision.

Meet Outsourcing Casey!

Meet outsourcing Casey!

Free WordPress Theme